Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135332e39322e3138392e302f32342d3234203d3e20323031333431.roa
File: 3135332e39322e3138392e302f32342d3234203d3e20323031333431.roa (raw, json)
Hash identifier: J2FTGlOESI6vA4BpFL3cRFQiyh++kunMOBZdt0vGtqU=
Subject key identifier: EC:44:7A:A2:3C:6E:73:20:95:5C:F8:9B:80:93:D9:5C:36:DD:F8:F8
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 0970E31C9A93FE003C683A5D083A128822301F75
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135332e39322e3138392e302f32342d3234203d3e20323031333431.roa
Signing time: Mon 27 Jan 2025 09:45:29 +0000
ROA not before: Mon 27 Jan 2025 09:40:29 +0000
ROA not after: Mon 26 Jan 2026 09:45:29 +0000
asID: 201341
IP address blocks: 153.92.189.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:70:e3:1c:9a:93:fe:00:3c:68:3a:5d:08:3a:12:88:22:30:1f:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:40:29 2025 GMT
Not After : Jan 26 09:45:29 2026 GMT
Subject: CN=EC447AA23C6E7320955CF89B8093D95C36DDF8F8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:c8:c7:f9:f0:a0:19:f1:58:f6:85:35:c3:2b:
d5:18:af:eb:d3:97:64:16:95:a7:2a:50:9d:b4:30:
e9:91:23:e1:ff:7a:0b:62:f4:9a:ed:81:59:57:5f:
ec:1a:b9:7c:7e:28:61:9f:69:75:a0:ff:2f:fb:e3:
91:85:f3:6e:3a:21:bd:3a:43:a6:2e:70:23:85:2d:
fc:32:76:a1:50:e2:93:12:4b:83:0f:02:47:64:34:
2d:e8:97:5b:d9:ff:84:05:2c:1b:01:62:4e:8d:ba:
f6:10:1e:ae:8c:52:85:9c:2d:94:d3:76:58:66:8a:
32:61:95:0e:35:97:9c:a1:33:10:ab:94:6a:44:55:
9d:b6:28:f2:e1:d9:ed:37:01:32:b8:01:00:03:0c:
02:02:30:e8:ab:0f:05:8b:81:78:b5:b8:e7:b5:b2:
97:52:ff:15:9d:ba:f2:0c:00:67:f7:9f:cf:6b:94:
33:c3:0a:a7:e2:f6:69:e3:61:7f:b8:11:d7:db:fd:
70:77:fd:bf:88:7e:fe:7d:c8:b8:de:a0:77:32:a3:
2b:d2:ad:cb:d6:6d:b8:fe:b9:5d:bd:cc:9d:45:1d:
55:d0:c5:2f:25:c1:4f:ec:66:a6:5b:69:c2:b6:21:
9a:a6:32:65:e2:31:41:fe:12:0a:b2:d0:b8:6a:c0:
db:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:44:7A:A2:3C:6E:73:20:95:5C:F8:9B:80:93:D9:5C:36:DD:F8:F8
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135332e39322e3138392e302f32342d3234203d3e20323031333431.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
153.92.189.0/24
Signature Algorithm: sha256WithRSAEncryption
00:8c:a7:72:33:69:ef:bc:98:bd:26:95:1c:fb:19:bd:05:63:
0b:af:17:b0:29:31:66:c5:4d:3b:19:1d:eb:b7:4a:37:cd:80:
43:3f:73:d0:48:aa:75:e1:c7:dd:ea:7a:c6:fe:b1:57:fc:1b:
c6:15:58:90:1d:87:c0:6d:33:55:4a:e3:87:bd:e4:9e:da:64:
6d:02:6c:5d:d3:bc:67:78:3c:1e:8b:53:a9:c6:b1:79:26:2f:
9c:33:0a:5f:6f:34:86:71:04:d8:70:6a:c7:98:7b:7e:c0:b1:
c7:e5:86:a0:b5:27:ad:bc:f5:b2:97:66:f4:d7:0a:45:18:73:
1a:76:83:df:ae:03:ba:b7:a6:4e:b4:88:2d:9a:22:c1:63:6a:
f2:9b:2d:d6:3e:3a:34:7c:13:26:17:35:df:26:96:f9:82:55:
0f:39:02:5d:80:7e:8f:74:78:e5:22:75:93:19:e9:ac:cb:6a:
21:41:43:d3:6b:f6:91:a1:29:ce:9b:48:0f:62:de:09:bf:fe:
e0:a0:06:3c:1a:77:86:b5:7b:b2:42:0e:34:7a:9a:ad:de:27:
01:4a:eb:e0:4d:24:d8:dc:1c:d1:79:88:c9:9c:a2:b0:27:aa:
78:52:af:92:3f:9c:98:96:33:81:0e:8a:6b:85:36:e9:19:98:
ea:e7:c9:f9
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUCXDjHJqT/gA8aDpdCDoSiCIwH3UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMjlaFw0yNjAxMjYwOTQ1MjlaMDMxMTAvBgNV
BAMTKEVDNDQ3QUEyM0M2RTczMjA5NTVDRjg5QjgwOTNEOTVDMzZEREY4RjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfyMf58KAZ8Vj2hTXDK9UYr+vT
l2QWlacqUJ20MOmRI+H/egti9JrtgVlXX+wauXx+KGGfaXWg/y/745GF8246Ib06
Q6YucCOFLfwydqFQ4pMSS4MPAkdkNC3ol1vZ/4QFLBsBYk6NuvYQHq6MUoWcLZTT
dlhmijJhlQ41l5yhMxCrlGpEVZ22KPLh2e03ATK4AQADDAICMOirDwWLgXi1uOe1
spdS/xWduvIMAGf3n89rlDPDCqfi9mnjYX+4Edfb/XB3/b+Ifv59yLjeoHcyoyvS
rcvWbbj+uV29zJ1FHVXQxS8lwU/sZqZbacK2IZqmMmXiMUH+Egqy0LhqwNv1AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU7ER6ojxucyCVXPibgJPZXDbd+PgwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTMzMmUzOTMyMmUzMTM4
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzEzMzM0MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACZXL0wDQYJKoZIhvcNAQELBQADggEBAACMp3Izae+8mL0mlRz7Gb0FYwuvF7Ap
MWbFTTsZHeu3SjfNgEM/c9BIqnXhx93qesb+sVf8G8YVWJAdh8BtM1VK44e95J7a
ZG0CbF3TvGd4PB6LU6nGsXkmL5wzCl9vNIZxBNhwaseYe37AscflhqC1J6289bKX
ZvTXCkUYcxp2g9+uA7q3pk60iC2aIsFjavKbLdY+OjR8EyYXNd8mlvmCVQ85Al2A
fo90eOUidZMZ6azLaiFBQ9Nr9pGhKc6bSA9i3gm//uCgBjwad4a1e7JCDjR6mq3e
JwFK6+BNJNjcHNF5iMmcorAnqnhSr5I/nJiWM4EOimuFNukZmOrnyfk=
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:28:35 2025 by rpki-client